package com.cyj.dream.security.component;

import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

import javax.servlet.http.HttpServletRequest;

/**
 * @Description: 改造 {@link BearerTokenExtractor} 对公开权限的请求不进行校验
 * @BelongsProject: DreamChardonnay
 * @BelongsPackage: com.cyj.dream.security.component
 * @Author: ChenYongJia
 * @CreateTime: 2021-10-19 13:30
 * @Email: chen87647213@163.com
 * @Version: 1.0
 */
public class SosBearerTokenExtractor extends BearerTokenExtractor {

    private final PathMatcher pathMatcher;

    private final PermitAllUrlProperties urlProperties;

    public SosBearerTokenExtractor(PermitAllUrlProperties urlProperties) {
        this.urlProperties = urlProperties;
        this.pathMatcher = new AntPathMatcher();
    }

    @Override
    public Authentication extract(HttpServletRequest request) {
        boolean match = urlProperties.getUrls().stream()
                .anyMatch(url -> pathMatcher.match(url, request.getRequestURI()));

        return match ? null : super.extract(request);
    }

}
